<?php
class userActions extends sfActions {

  public function executeSignin(sfWebRequest $request) {
    if ($this->getUser()->isAuthenticated()) {
      $this->redirect('@offer_list_current');
    }

    $this->form = new SignInForm(array(Constants::USER_GROUP_SUPER_ADMIN, Constants::USER_GROUP_MERCHANT_ADMIN, Constants::USER_GROUP_MERCHANT_USER));
    if ($request->isMethod('post')) {
      $formData = $request->getParameter(SignInForm::FORM_NAME);
      $this->form->bind($formData);

      if ($this->form->isValid()) {
        $user = USERTable::getInstance()->findByUsername(trim($formData[SignInForm::FIELD_USERNAME]));
        $user->setIpAddress(ServerUtil::getUserIp());
        $user->setLastLoginAt(date(Constants::DATE_TIME_MYSQL_DB));
        $user->save();

        $this->getUser()->setAuthenticated(true);
        $this->getUser()->setAttribute(Constants::SESSION_USER_ID, $user->getId());
        $this->getUser()->setAttribute(Constants::SESSION_USERNAME, $user->getUsername());
        $this->getUser()->setAttribute(Constants::SESSION_FIRST_NAME, $user->getFirstName());
        $this->getUser()->setAttribute(Constants::SESSION_LAST_NAME, $user->getLastName());
        $this->getUser()->setAttribute(Constants::SESSION_USER_GROUP_ID, $user->getUserGroupId());
        $this->getUser()->setAttribute(Constants::SESSION_MERCHANT_ID, $user->getMerchantId());
        $this->getUser()->addCredentials($user->getUSER_GROUP()->getName());
        $this->getUser()->addCredentials($user->getUSER_GROUP()->getId());
        $this->redirect('@offer_list_current');
      }
    }
  }

  public function executeChangePassword(sfWebRequest $request) {
    try {
      $this->form = new ChangePasswordForm();
      if ($request->isMethod('post')) {
        $formData = $request->getParameter(ChangePasswordForm::FORM_NAME);
        $this->form->bind($formData);

        if ($this->form->isValid()) {
          $user = USERTable::getInstance()->findByUsername($this->getUser()->getAttribute(Constants::SESSION_USERNAME));
          $salt = StringUtil::generateRandomString(20);
          $password = StringUtil::hashPassword(trim($formData[ChangePasswordForm::FIELD_NEW_PASSWORD]), $salt);
          $user->setPassword($password);
          $user->setSalt($salt);
          $user->save();

          $this->redirect('@change_password?success=1');
        }
      }
    } catch (Exception $e) {
      
    }
  }

  public function executeForgot(sfWebRequest $request) {
    if ($this->getUser()->isAuthenticated()) {
      $this->redirect('@offers_current');
    }

    $trans = SystemUtil::beginDoctrineTransaction();
    try {
      $this->form = new ForgotPasswordForm();
      if ($request->isMethod('post')) {
        $formData = $request->getParameter(ForgotPasswordForm::FORM_NAME);
        $this->form->bind($formData);

        if ($this->form->isValid()) {
          $user = USERTable::getInstance()->findByUsername(trim($formData[ForgotPasswordForm::FIELD_USERNAME]));
          $salt = StringUtil::generateRandomString(20);
          $user->setSalt($salt);
          $tmpPassword = StringUtil::generateRandomString(8);
          $password = StringUtil::hashPassword(trim($tmpPassword), $salt);
          $user->setPassword($password);
          $user->save();

          $email = new EMAIL();
          $email->setEmailTo($user->getEmail());
          $email->setSubject('Password Recovery');
          $email->setMessage(array('name' => $user->getFirstName(), 'password' => $tmpPassword, 'url' => $this->getController()->genUrl('signin', true)));
          $email->setTemplateFile('forgotPassword');
          $email->setContentType(emailTask::CONTENT_TYPE_HTML);
          $email->save();

          SystemUtil::commitDoctrineTransaction($trans);

          $this->redirect('@forgot?success=1');
        }
      }
    } catch (Exception $e) {
      SystemUtil::rollbackDoctrineTransaction($trans);
    }
  }

  public function executeSignout(sfWebRequest $request) {
    $this->getUser()->setAuthenticated(false);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_USER_ID);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_USERNAME);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_FIRST_NAME);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_LAST_NAME);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_USER_GROUP_ID);
    $this->getUser()->getAttributeHolder()->remove(Constants::SESSION_MERCHANT_ID);
    $this->getUser()->clearCredentials();
    $this->redirect('@signin');
  }

}